Security Fixes

Although these security issues warrant upgrading in your next maintenance window, they aren’t applicable to our default configuration and won’t impact the average user. According to the FreeBSD SA, the TCP flaw is mitigated by scrub in pf, which is enabled by default in pfSense. The OpenSSL flaw is not used by any daemons in the pfSense base system and only certain packages make use of the affected feature, so the impact there is also minimal.

Packages also have their own independent fixes and need updating. During the firmware update process the packages will be properly reinstalled. If this fails for any reason, uninstall and then reinstall packages to ensure that the latest version of the binaries is in use.

Other Fixes

Various fixes to accommodate recent changes/optimizations in the tools repository

Move clog binary to its proper place in /usr/local/ to respect hier(7)